CVE-2012-5611

Published: 03/12/2012 Updated: 19/09/2017
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 655
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions up to and including 5.5.28, and 5.1.53 and other versions up to and including 5.1.66, and MariaDB 5.5.2.x prior to 5.5.28a, 5.3.x prior to 5.3.11, 5.2.x prior to 5.2.13 and 5.1.x prior to 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.

Vulnerable Product

mariadb mariadb 5.5.21

mariadb mariadb 5.5.22

mariadb mariadb 5.3.4

mariadb mariadb 5.3.3

mariadb mariadb 5.2.7

mariadb mariadb 5.2.8

mariadb mariadb 5.2.3

mariadb mariadb 5.2.4

mariadb mariadb 5.1.49

mariadb mariadb 5.1.50

mariadb mariadb 5.5.24

mariadb mariadb 5.5.23

mariadb mariadb 5.3.0

mariadb mariadb 5.3.1

mariadb mariadb 5.3.2

mariadb mariadb 5.3.9

mariadb mariadb 5.3.10

mariadb mariadb 5.2.1

mariadb mariadb 5.2.2

mariadb mariadb 5.1.44

mariadb mariadb 5.5.27

mariadb mariadb 5.5.28

mariadb mariadb 5.3.7

mariadb mariadb 5.3.8

mariadb mariadb 5.2.11

mariadb mariadb 5.2.0

mariadb mariadb 5.2.12

mariadb mariadb 5.1.41

mariadb mariadb 5.1.42

mariadb mariadb 5.1.55

mariadb mariadb 5.1.60

oracle mysql 5.5.19

oracle mysql 5.1.53

mariadb mariadb 5.1.47

mariadb mariadb 5.1.61

mariadb mariadb 5.1.62

mariadb mariadb 5.5.20

mariadb mariadb 5.5.25

mariadb mariadb 5.3.6

mariadb mariadb 5.3.5

mariadb mariadb 5.2.9

mariadb mariadb 5.2.10

mariadb mariadb 5.2.5

mariadb mariadb 5.2.6

mariadb mariadb 5.1.51

mariadb mariadb 5.1.53

Vendor Advisories

Synopsis: Important: mysql security update. Type/Severity: Security Advisory: Important. Topic: Updated mysql packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Sc ...
Synopsis: Important: mysql security update. Type/Severity: Security Advisory: Important. Topic: Updated mysql packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Sco ...
Debian Bug report logs - #695001 mysql-5.5: New MySQL issues. Package: mysql-5.5; Maintainer for mysql-5.5 is Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>; Reported by: Moritz Muehlenhoff <jmm@inutil.org>; Date: Mon, 3 Dec 2012 07:54:02 UTC; Severity: grave; Tags: security; Fixed in version mysql-5 ...
MySQL could be made to run programs if it received specially crafted network traffic from an authenticated user ...
A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon (CVE-2012-5611) ...

Exploits

#!/usr/bin/perl
=for comment
MySQL Server exploitable stack based overrun
Ver 5.5.19-log for Linux and below (tested with Ver 5.1.53-log for suse-linux-gnu too)
unprivileged user (any account (anonymous account?), post auth)
as illustrated below the instruction pointer is overwritten with 0x41414141
bug found by Kingcope
this will yield a sh ...

References

CWE-119
http://seclists.org/fulldisclosure/2012/Dec/4
http://www.exploit-db.com/exploits/23075
http://www.openwall.com/lists/oss-security/2012/12/02/3
http://www.openwall.com/lists/oss-security/2012/12/02/4
http://rhn.redhat.com/errata/RHSA-2012-1551.html
http://www.ubuntu.com/usn/USN-1658-1
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.html
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
http://rhn.redhat.com/errata/RHSA-2013-0180.html
http://www.ubuntu.com/usn/USN-1703-1
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html
http://www.debian.org/security/2012/dsa-2581
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html
https://kb.askmonty.org/en/mariadb-5528a-release-notes/
http://secunia.com/advisories/51443
https://kb.askmonty.org/en/mariadb-5311-release-notes/
https://kb.askmonty.org/en/mariadb-5213-release-notes/
https://kb.askmonty.org/en/mariadb-5166-release-notes/
http://lists.opensuse.org/opensuse-updates/2013-09/msg00010.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://security.gentoo.org/glsa/glsa-201308-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2013:102
http://secunia.com/advisories/53372
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16395
https://access.redhat.com/errata/RHSA-2012:1551
https://nvd.nist.gov
https://usn.ubuntu.com/1658-1/
https://www.exploit-db.com/exploits/23075/